CN205787723U - A kind of embedded device information security comprehensive test device - Google Patents

A kind of embedded device information security comprehensive test device Download PDF

Info

Publication number
CN205787723U
CN205787723U CN201620447107.5U CN201620447107U CN205787723U CN 205787723 U CN205787723 U CN 205787723U CN 201620447107 U CN201620447107 U CN 201620447107U CN 205787723 U CN205787723 U CN 205787723U
Authority
CN
China
Prior art keywords
module
test
data
transmission blocks
data transmission
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201620447107.5U
Other languages
Chinese (zh)
Inventor
胡朝辉
梁智强
江泽鑫
陈炯聪
黄曙
林丹生
伍晓泉
胡海生
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Southern Power Grid Power Technology Co Ltd
Original Assignee
Electric Power Research Institute of Guangdong Power Grid Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Electric Power Research Institute of Guangdong Power Grid Co Ltd filed Critical Electric Power Research Institute of Guangdong Power Grid Co Ltd
Priority to CN201620447107.5U priority Critical patent/CN205787723U/en
Application granted granted Critical
Publication of CN205787723U publication Critical patent/CN205787723U/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Examining Or Testing Airtightness (AREA)

Abstract

A kind of device of embedded industrial control equipment information security integration test, including a: central processing unit respectively with data generation engine, leak discrimination module, display module, store module, data transmission blocks and data monitoring receiver module connect, agreement fuzz testing module, dynamic port test module, application safety test module, Loopholes of OS test module and configuration management safety test module are connected with described data generation engine respectively, data transmission blocks and data monitoring receiver module external equipment under test respectively, data transmission blocks is connected with equipment under test after digital-to-analogue conversion also simultaneously again.This utility model automatical and efficient can carry out information security test according to predetermined rule all sidedly to embedded industrial control equipment, and judge the leak of embedded industrial control equipment according to the running status of embedded device and data output feedback;Meanwhile, the leak of embedded device stored and concentrate displaying.

Description

A kind of embedded device information security comprehensive test device
Technical field
This utility model relates to a kind of embedded device information security comprehensive test device.
Background technology
In recent years, network security problem becomes increasingly conspicuous, and hacker attacks and Phenomenon of Network Attack are increasing.And constantly popularizing along with computer networking technology, the public uses the number of times of computer to get more and more.Particularly common information infrastructure construction has promoted government, enterprise day by day to rely on various information system, and some relate to the business of national economy, system receives unprecedented security challenge.As Wiki deciphering website have leaked the confidential information of a large amount of government;Citigroup's hacker attack causes the customer account information of more than 36 ten thousand to be stolen;CSDN website is hacked and causes more than 600 ten thousand subscriber datas to be compromised.These accidents absolutely prove that network security is to country, government and the importance of enterprise.
At present, national substantial amounts of infrastructure uses embedded industrial control equipment to carry out the long-range control of data acquisition and system.But, still it being in the starting stage for the information security test job of embedded industrial control equipment and bug excavation work, existing method is to use the test of single testing tool, but it is single not comprehensively and the problem such as inefficiency to there is test result.Up to the present, State Intellectual Property Office (http://www.sipo.gov.cn/) not yet retrieves the content that " embedded device information security integration test " is relevant.
Utility model content
Technical problem to be solved in the utility model, just it is to provide the device of a kind of embedded industrial control equipment information security integration test, this device automatical and efficient can carry out information security test according to predetermined rule all sidedly to embedded industrial control equipment, and judge the leak of embedded industrial control equipment according to the running status of embedded device and data output feedback;Meanwhile, the leak of embedded device stored and concentrate displaying.
Solving above-mentioned technical problem, the technical solution adopted in the utility model is as follows:
nullA kind of device of embedded industrial control equipment information security integration test,It is characterized in that including: agreement fuzz testing module、Dynamic port test module、Application safety test module、Loopholes of OS test module、Configuration management safety test module、Data generation engine、Central processing unit、Display module、Store module、Data transmission blocks、Leak discrimination module and data monitoring receiver module,Described central processing unit respectively with described data generation engine、Leak discrimination module、Display module、Store module、Data transmission blocks and data monitoring receiver module connect,Described agreement fuzz testing module、Dynamic port test module、Application safety test module、Loopholes of OS test module and configuration management safety test module are connected with described data generation engine respectively,Described data transmission blocks and data monitoring receiver module external equipment under test respectively,Described data transmission blocks is connected with equipment under test after digital-to-analogue conversion also simultaneously again.
The major function of this device is the information security present situation that aid system O&M, tester quickly understand embedded industrial control equipment, repairs the information security hidden danger of industrial control system on-site monitoring equipment in advance, reduces the Information Security Risk of national basis facility.
The major function of each functional module is as follows:
Agreement fuzz testing module realizes the configuration of agreement fuzz testing rule and generates, and the communication protocol of this module support includes IEC-102, IEC-103, IEC-104, MMS, Goose, SV, IEC61850, modbus, profinet, dnp3.0, OPC, EPA real-time ethernet, Ethernet, ICP/IP protocol etc..
Application safety test module realizes the configuration of application safety test order and generates.This module supports that test suite includes: FTP, SNMP, SSH, WEB middleware, WEB application, SSL, monitoring backstage SCADA software.
Dynamic port test module realizes the configuration of dynamic port test order and generates.
Device configuration management safety test module realizes the configuration of device configuration management safety test rule and generates.This module supports that the test order that equipment identities differentiates configuration, SNMP configuration, WEB application configuration, the configuration of WEB middleware, SSH configuration, FTP configuration, the configuration of console interface, debugging interface configuration, SCADA software arrangements, SSL configuration, audit configuration etc. generates.
Loopholes of OS test module realizes the configuration of Loopholes of OS test order and generates.The operating system of this module support includes including linux, class linux, UNIX, class UNIX, Tru 64, vxworks, AIX, solaris, windows (including winCE), naked system etc..
Data generation engine modules is according to agreement fuzz testing rule module, application safety test module, dynamic port test module, device configuration management safety test module and the test order of Loopholes of OS test module, generate test packet, and issue data transmission blocks.
Data transmission blocks is responsible for test data are sent to equipment under test.
Data monitoring receiver module is responsible for monitoring and the data mode receiving equipment under test and output data, and through digital-to-analogue conversion, the analogue signal of equipment under test data is become digital signal, and data monitoring received are issued leak discrimination module and have been carried out leak judgement.
Leak discrimination module carries out leak differentiation according to the data received, and result output to display module carries out concentrating displaying, and result is stored in storage module.
Accompanying drawing explanation
Fig. 1 is this utility model embedded industrial control equipment information security comprehensive test device structural representation.
Detailed description of the invention
See Fig. 1, the device embodiment of embedded industrial control equipment information security integration test of the present utility model, including: agreement fuzz testing module, dynamic port test module, application safety test module, Loopholes of OS test module, configuration management safety test module, data generation engine, central processing unit, display module, storage module, data transmission blocks, leak discrimination module and data monitoring receiver module.
Central processing unit is connected with data generation engine, leak discrimination module, display module, storage module, data transmission blocks and data monitoring receiver module respectively, agreement fuzz testing module, dynamic port test module, application safety test module, Loopholes of OS test module and configuration management safety test module are connected with data generation engine respectively, data transmission blocks and data monitoring receiver module external equipment under test respectively, data transmission blocks is connected with equipment under test after digital-to-analogue conversion also simultaneously again.I.e. data monitoring receiver module directly can be connected with equipment under test or is connected with equipment under test by digital-to-analogue conversion module.
Agreement fuzz testing module, dynamic port test module, application safety test module, Loopholes of OS test module, configuration management safety test module produce test data by data generation engine, and process through central processing unit, and it is sent to equipment under test through data transmission blocks;Equipment under test is to test data reflection, and test data are fed back or are changed oneself state;Data monitoring receiver module receives the data of equipment under test feedback or the state to monitoring device, and the data collected are sent to leak discrimination module;Leak discrimination module carries out leak differentiation according to the data collected, and the result of differentiation is stored in storage module and is sent to display module and carries out centralized displaying.

Claims (1)

1. a device for embedded industrial control equipment information security integration test, is characterized in that including: agreement fuzz testing module, Dynamic port test module, application safety test module, Loopholes of OS test module, configuration management safety test module, Data generation engine, central processing unit, display module, storage module, data transmission blocks, leak discrimination module and data Monitoring receiver module, described central processing unit respectively with described data generation engine, leak discrimination module, display module, Store module, data transmission blocks and data monitoring receiver module connect, described agreement fuzz testing module, dynamic port Test module, application safety test module, Loopholes of OS test module and configuration management safety test module respectively with institute The data generation engine stated connects, described data transmission blocks and data monitoring receiver module external equipment under test, institute respectively The data transmission blocks stated is connected with equipment under test after digital-to-analogue conversion also simultaneously again.
CN201620447107.5U 2016-05-17 2016-05-17 A kind of embedded device information security comprehensive test device Active CN205787723U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201620447107.5U CN205787723U (en) 2016-05-17 2016-05-17 A kind of embedded device information security comprehensive test device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201620447107.5U CN205787723U (en) 2016-05-17 2016-05-17 A kind of embedded device information security comprehensive test device

Publications (1)

Publication Number Publication Date
CN205787723U true CN205787723U (en) 2016-12-07

Family

ID=58119840

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201620447107.5U Active CN205787723U (en) 2016-05-17 2016-05-17 A kind of embedded device information security comprehensive test device

Country Status (1)

Country Link
CN (1) CN205787723U (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106886211A (en) * 2017-02-20 2017-06-23 北京奇虎科技有限公司 Automotive safety tests the determination method and device of grade
CN113507436A (en) * 2021-06-02 2021-10-15 中国人民解放军63880部队 Power grid embedded terminal fuzzy test method aiming at GOOSE protocol

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106886211A (en) * 2017-02-20 2017-06-23 北京奇虎科技有限公司 Automotive safety tests the determination method and device of grade
CN106886211B (en) * 2017-02-20 2019-07-19 北京奇虎科技有限公司 The determination method and device of automotive safety test grade
CN113507436A (en) * 2021-06-02 2021-10-15 中国人民解放军63880部队 Power grid embedded terminal fuzzy test method aiming at GOOSE protocol
CN113507436B (en) * 2021-06-02 2022-08-23 中国人民解放军63880部队 Power grid embedded terminal fuzzy test method aiming at GOOSE protocol

Similar Documents

Publication Publication Date Title
Barbosa et al. Intrusion detection in SCADA networks
Song Testing and evaluation system for cloud computing information security products
WO2020151483A1 (en) Stress testing system for internet-of-things platform, method, device, and server
Kang et al. Analysis on cyber threats to SCADA systems
CN110752951A (en) Industrial network flow monitoring and auditing method, device and system
CN105450442A (en) Network topology checking method and system thereof
Singh et al. A testbed for SCADA cyber security and intrusion detection
CN105991587A (en) Intrusion detection method and system
CN205787723U (en) A kind of embedded device information security comprehensive test device
CN104660593A (en) Method for filtering OPC security gateway data packets
CN106959685A (en) A kind of system and method for the steam turbine DEH control system leak test based on RT LAB technologies
Belqruch et al. SCADA security using SSH honeypot
CN111343169A (en) System and method for gathering security resources and sharing information under industrial control environment
CN101616023A (en) A kind of method of cluster being implemented monitoring by note
Rowe et al. Creating effective industrial-control-system honeypots
Jørgensen et al. Building a hardware-in-the-loop (HiL) digital energy station infrastructure for cyber operation resiliency testing
CN109981594A (en) Network security situational awareness method based on big data
Waagsnes et al. Intrusion Detection System Test Framework for SCADA Systems.
Rajesh et al. Vulnerability analysis and enhancement of security of communication protocol in industrial control systems
Parvez et al. Framework for implementation of AGA 12 for secured SCADA operation in Oil and Gas Industry
Amrein et al. Security intelligence for industrial control systems
Qin et al. You can’t protect what you don’t understand: characterizing an operational gas SCADA network
CN104618190A (en) Shell-based network bandwidth testing method under cluster environment
Iqbal et al. An experimental forensic testbed: Attack-based digital forensic analysis of WAMPAC applications
CN105159212A (en) State spot-check and maintenance monitoring system and method of mobile machinery

Legal Events

Date Code Title Description
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20210223

Address after: Room 501-503, annex building, Huaye building, No.1-3 Chuimao new street, Xihua Road, Yuexiu District, Guangzhou City, Guangdong Province 510000

Patentee after: China Southern Power Grid Power Technology Co.,Ltd.

Address before: 510080 water Donggang 8, Dongfeng East Road, Yuexiu District, Guangzhou, Guangdong.

Patentee before: Electric Power Research Institute of Guangdong Power Grid Co.,Ltd.

TR01 Transfer of patent right